Top news stories this week
- Big data leaks. Data breaches announced by Episource and Louis Vuitton.
- Identities exposed. UK personnel and Afghan allies among thousands affected by 2022 breach.
- Flame war. DragonForce ransomware group claims attack on US retailer Belk.
- Crackdown. US soldier pleads guilty to telecommunication hacking and US authorities charge members associated with Ryuk ransomware gang.
- Gathering steam. Vulnerabilities in IoT systems in trains and cars exposed.
- Drag along. Fashion retailer shares down 20% due to cyber incident at key trading partner M&S.
1. Data breaches announced by Episource and Louis Vuitton
Medical billing giant Episource is notifying 5.4 million people about the theft of their data, making it one of the largest healthcare breaches of the year.
Separately, the luxury goods brand Louis Vuitton confirmed that the three data breaches that affected its customers in the UK, South Korea and Turkey stemmed from the same ransomware incident.
So what?
The scale of these data breaches highlights the importance of early incident detection and response. Acting quickly can prevent a breach from spreading within the business and stop it before data theft occurs.
[Researcher: Milda Petraityte]
2. UK personnel and Afghan allies among thousands affected by 2022 breach
A significant data breach in February 2022 exposed the identities and sensitive information of almost 19,000 Afghans and 100 British intelligence operatives. This week, authorities lifted the super injunction placed on the breach's discovery in September 2023, making the extent of the breach public.
So what?
Failures in data handling can lead to significant and dangerous consequences, in this case putting both British personnel and Afghan partners at potential risk of harm.
[Researcher: Lawrence Copson]
3. DragonForce ransomware group leaks data of US retailer Belk
The Ransomware as a Service (RaaS) group DragonForce has leaked 150GB of data allegedly stolen from the US department store chain Belk. The hackers also shared an image of a dragon breathing fire on one of Belk’s stores, mirroring a similar image sent to journalists during the attack on UK-based retailer, Co-op.
Separately, the CEO of Co-op confirmed that data from all of its 6.5 million members was compromised in the cyberattack last April.
So what?
Ransomware groups rely on branding and reputation to establish credibility and intimidate victims into paying ransoms.
[Researcher: James Tytler]
4. US soldier pleads guilty to hacking and US authorities charge Ryuk ransomware members
A 21-year-old US soldier has admitted to unlawfully accessing and transferring confidential phone records, and now faces a potential 20-year prison sentence. The soldier targeted and extorted telecommunication companies and claimed to possess call logs of former US vice president Kamala Harris and president Donald Trump.
Separately, US authorities have arrested multiple individuals in connection with Ryuk ransomware. Ryuk has been responsible for thousands of attacks since emerging in August 2018, notably conducting a series of attacks impacting healthcare organisations across the US, Britain, and Germany between 2019 and 2020.
So what?
Arrests of ransomware gang members impact operations of these criminal groups and disrupt cyber crime infrastructure, demonstrating continued law enforcement successes.
[Researcher: Adelaide Parker]
5. Vulnerabilities in train and car IoT systems identified
CISA has issued an advisory warning of vulnerabilities in communication systems used to control trains. Separately, researchers have identified flaws in OpenSynergy's Bluetooth technology, BlueSDK, which could allow attackers to access the central dashboard system of at least three major vehicle manufacturers.
So what?
Vulnerabilities in IoT devices carry significant physical safety ramifications, reinforcing the need for robust security controls and testing.
[Researcher: Jack Woods]
6. Fashion retailer shares down 20% due to cyber incident at key trading partner M&S
Sosandar, a key trading partner to Marks & Spencer, experienced a 20% drop in its share price after it downgraded its full-year revenue outlook. The women’s fashion retailer cited the need to take a more cautious approach following the highly publicised cyber incidents at M&S and others in the sector.
So what?
Incidents within the supply chain, as well as in the same sector, may have knock-on effects that impact your bottom line. Review your supply chain for vulnerabilities and stay ahead by accessing up-to-date threat intelligence.
[Researcher: Lester Lim]
